Request Free Trials Phone:302.266.1272

Anti-Spoofing Protection

Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a message came from a person or entity they either know or can trust. In spoofing attacks, the sender forges email headers so that client software displays the fraudulent sender address, which most users take at face value. Unless they inspect the header more closely, users see the forged sender in a message. If it’s a name they recognize, they’re more likely to trust it. So they’ll click malicious links, open malware attachments, send sensitive data and even wire corporate funds.

Email spoofing is possible due to the way email systems are designed. Outgoing messages are assigned a sender address by the client application; outgoing email servers have no way to tell whether the sender address is legitimate or spoofed.

Recipient servers and anti-malware software can help detect and filter spoofed messages. Unfortunately, not every email service has security protocols in place. Still, users can review email headers packaged with every message to determine whether the sender address is forged.

Phishing is one of today’s most prominent cyber-attacks. Consider the following statistics:

  • 3.1 billion domain spoofing emails are sent per day.
  • More than 90% of cyber-attacks start with an email message.
  • Email spoofing and phishing have had a worldwide impact costing an estimated $26 billion since 2016.
  • In 2019, the FBI reported that 467,000 cyber-attacks were successful, and 24% of them were email-based.
  • The average scam tricked users out of $75,000.

Proofpoint anti-spoofing policies help prevent malicious senders from impersonating trusted domains, like those owned by banks, government, or your suppliers. Proofpoint Essentials uses a combination of SPF, DKIM, and DMARC to detect and stop spoofed messages.

Back to Top